
<?
	if (!defined('i-Teck_ADMIN')) die("Hacking attempt");

	switch($mod){
		case "add":?>
     
<form id="form1" name="form1" method="post" action="">
  <table width="600" border="0" align="center">
    <tr>
      <td colspan="2" class="fr_top">Thêm liên kết</td>
    </tr>
    <tr>
      <td width="153" class="fr">Link Website</td>
      <td width="437" class="fr_2"><input name="web_url" type="text" id="web_url" size="50" /></td>
    </tr>
    <tr>
      <td class="fr">Text Link | Link logo</td>
      <td class="fr_2"><input name="img_url" type="text" id="img_url" size="50" />
      <input type="button" value="Upload" onClick="window.open('?act=ads&mod=upload','test1','width=350,height=280');"></td>
    </tr>
    <tr>
      <td class="fr">Nơi hiển thị</td>
      <td class="fr_2">

          <input type="radio" name="hienthi" value="0"  checked="checked"/>
          Text Link
       
        
             <input type="radio" name="hienthi" value="1"/>
             Link Logo
</td>
    </tr>
   
    <tr>
      <td colspan="2" align="center" class="fr"><input type="submit" name="cmd" id="cmd" value="Thêm" /></td>
    </tr>
  </table>
</form>
<?
	if($_POST["cmd"]=="Thêm"){
		mysql_query("INSERT INTO shop_ads (web_url,img_url,hienthi) values
					('".addslashes($_POST["web_url"])."',
					'".addslashes($_POST["img_url"])."',
					'".intval($_POST["hienthi"])."')");
	
		echo"<meta http-equiv='refresh' content='0; url=?act=ads&mod=view'>";
		}


	break; 
	case "view":?>
<h3 align="center">Quản lý liên kết</h3>
<?
	$result=mysql_query("SELECT * FROM shop_ads");
	if(mysql_num_rows($result)<=0){echo"<center>Chưa có dữ liệu</center>";}
?>
<form id="form2" name="form2" method="post" action="">
  <table width="600" border="0" align="center">
    <tr class="fr_top">
      <td width="23">ID</td>
      <td width="359">Link web</td>
      <td width="150">Logo</td>
      <td width="24">Sửa</td>
      <td width="25">Xóa</td>
    </tr>
    <? while($r=mysql_fetch_array($result)){?>
    <tr>
      <td class="fr"><?=$r["id"];?></td>
      <td class="fr" align="center"><a target="_blank" href="<?=$r["web_url"];?>"><?=$r["web_url"];?></a></td>
      <td class="fr_2"><img src=<?
      if(preg_match('/img\/ads\/(.*)/',$r["img_url"],$m)){echo'../img/ads/'.$m[1];}else
	  echo $r["img_url"];?> width="150" height="80" />
      
      </td>
      <td class="fr_2"><a href=?act=ads&mod=edit&id=<? echo $r['id'];?>>Sửa</a></td>
    <td class="fr_2"><a onClick="return  confirm('Bạn có muốn xóa sản phẩm này ko');"href=?act=ads&mod=delete&id=<? echo $r['id'];?>>Xóa</a></td>
    </tr>
    <? }?>
  </table>
</form>
<? 

break;
case "edit":
$id=intval($_GET["id"]);
$re=mysql_query("SELECT * FROM shop_ads where id=$id");
while($r=mysql_fetch_array($re)){
?>

<form id="form1" name="form1" method="post" action="">
  <table width="600" border="0" align="center">
    <tr>
      <td colspan="2" class="fr_top">Sửa liên kết</td>
    </tr>
    <tr>
      <td width="153" class="fr">Link web</td>
      <td width="437" class="fr_2"><input name="web_url" type="text" id="web_url" size="50" value="<?=$r['web_url']?>" /></td>
    </tr>
    <tr>
      <td class="fr">Link logo</td>
      <td class="fr_2"><input name="img_url" type="text" id="img_url" size="50"  value="<?=$r['img_url']?>"/>
      <input type="button" value="Upload" onClick="window.open('?act=ads&mod=upload','test1','width=350,height=280');"></td>
    </tr>
    <tr>
      <td class="fr">Nơi hiển thị</td>
      <td class="fr_2">

          <input type="radio" name="hienthi" value="0" <? if($r['hienthi']=="0"){echo'checked="checked"';}?>/>
          Bên trái
         <input type="radio" name="hienthi" value="1"<? if($r['hienthi']=="1"){echo'checked="checked"';}?>/>
             Bên phải
</td>
    </tr>
   
    <tr>
      <td colspan="2" align="center" class="fr"><input type="submit" name="cmd" id="cmd" value="Sửa" /></td>
    </tr>
  </table>
</form>
<?
}
	if($_POST["cmd"]=="Sửa"){
			mysql_query("UPDATE shop_ads SET web_url='".addslashes($_POST["web_url"])."',
											 img_url='".addslashes($_POST["img_url"])."',
											 hienthi='".intval($_POST["hienthi"])."' WHERE id=$id");
			mysql_close();
			echo"<meta http-equiv='refresh' content='0; url=?act=ads&mod=view'>";
		}

break;
case "delete":
		$id=intval($_GET["id"]);
		mysql_query("delete from shop_ads where id=$id");
		mysql_close();
		echo "<meta http-equiv='refresh' content='0; url=?act=ads&mod=view'>";
break;

case "upload":
	
?>





<form enctype="multipart/form-data" method="post">
  <div align="center">
    <h1>Upload file 
    </h1>
  </div>
  
  
  <table width="400" border="0" align="center" cellpadding="3" cellspacing="3">
    <tr>
      <td>Chọn file: </td>
      <td><input name="f1" type="file" id="f1"></td>
    </tr>
    
    
    <tr>
      <td>&nbsp;</td>
      <td><input name="cmd" type="submit" id="cmd" value="Upload">
        <input type="reset" name="Reset" value="Reset"></td>
    </tr>
  </table>
</form>
<?

	if ($_REQUEST["cmd"] =="Upload"){
		$a = $_FILES["f1"]["tmp_name"];
		$b = $_FILES["f1"]["name"];
		$c = $_FILES["f1"]["size"];
		$d = $_FILES["f1"]["type"];
		$e = $_FILES["f1"]["error"];
		
		
		echo strstr("image",$d); 
		if (!getimagesize($_FILES['f1']['tmp_name']))
			{ echo "<font color=red><center>Invalid Image File...</center></font>";
			exit();
			}
			
			if (substr($d,0,5)=="image"){
				
		move_uploaded_file($a,"../img/ads/".$b);
		echo "Đã upload thành công file <b>{$b}</b>!<br>Click vào ảnh để chọn file này.<br>";
		
		echo "<a title='Chọn file này' href=# onclick=\"window.opener.document.form1.img_url.value='$web_urlimg/ads/$b';window.close();\"><img border=0 width=80 src=../img/ads/".$b." height=60></a>";
		

		
		
		} else {
		echo "Upload không thành công!";
		}
	}
			break;



	} 
?>
  
  
  
  
  
  
